<?php

header('Content-Type: text/html; charset=utf-8'); 

if(!ini_get('register_globals')) foreach($_REQUEST as $k_123=>$v_123) ${$k_123} = $v_123;

$crypt_key = 'FfcrCsFbvZ0YR3wEj2IE';
$mysql_addr = 'localhost';
$mysql_usr = 'mantichora_net';
$mysql_pwd = 'Lcyna2vP';
$mysql_db = 'mantichora_net';

$db = mysql_connect($mysql_addr,$mysql_usr,$mysql_pwd) or die('[1]MySQL error: '.mysql_error());
mysql_select_db($mysql_db);

if($cmd) {
	if(!$k) die('no k');
	$ip = $_SERVER['REMOTE_ADDR'];
	if(!($fp=@fopen($file='./sessions/'.$ip,'r'))) die('no sess');
	if(!($s=filesize($file))) die('empty file');
	$k2 = fread($fp,$s);
	fclose($fp);
	if($k!=$k2) die("k!=k2\n$k\n$k2");

	require '../private/com/crypt.1.php';

	$key = split("\n",decrypt($k,$crypt_key));
	$u = $key[0];
	$p = $key[1];
	$uid = $key[2];
	$test = decrypt($key[3],$u);
	if($test!='test') die('test!=test');

	echo "cmd=$cmd&u=$u&p=$p&uid=$uid&symbol=$symbol&id=$id<br>\n";
	if($uid && ($symbol || $id)) {
		echo '1';
		if($cmd=='delete') {
			mysql_query('delete from tools_text where uid='.$uid.' and id='.$id) or die('[2]MySQL error: '.mysql_error());
			echo '2';
			die('OK');
		} else if($cmd=='save') {
			str_replace('\'','\'\'',$text);
			echo "text='$text'<br>\n";
			if($id) {
				mysql_query('update tools_text set `text`=\''.$text.'\',modified=now() where uid='.$uid.' and id='.$id) or die('[3]MySQL error: '.mysql_error());
				echo '3';
				die('OK');
			} elseif($symbol) {
				mysql_query('insert into tools_text values (null,\''.$lang.'\','.$uid.',\''.$symbol.'\',\''.$text.'\',now(),now())') or die('[4]MySQL error: '.mysql_error());
				echo '4';
				die('OK');
			}
		}
	}
} elseif($id) {
	$result = mysql_query('select `text` from tools_text where id='.$id) or die('[5]MySQL error: '.mysql_error());
	$row = mysql_fetch_array($result,MYSQL_NUM);
	echo $row[0];
} elseif($symbol) {
	if($k) {
		require '../private/com/crypt.1.php';
		$key = split("\n",decrypt(urldecode($k),$crypt_key));
		$uid = $key[2];
	} else $uid = 0;
	$i = 0;
	$result = mysql_query('select t.id,t.uid,t.text,m.user from tools_text as t left join member as m on m.id=t.uid where symbol=\''.$symbol.'\''.($lang? ' and lang=\''.$lang.'\'' : '')) or die('[6]MySQL error: '.mysql_error());
	for(; ($row=mysql_fetch_array($result,MYSQL_ASSOC)); $i++) {
		if($format=='html') {
?><div class="text box">
	<div class="text_text"><?= $row['text'] ?></div>
	<div class="text_user">Inskriven av: <a href="user://<?= $row['uid'] ?>"><?= $row['user'] ?></a></div>
	<div class="text_controls">
		<div class="button"><a href="symbol://<?= $symbol ?>#<?= $row['id'] ?>?edit">Redigera</a></div>
		<div class="button"><a href="symbol://<?= $symbol ?>#<?= $row['id'] ?>?delete">Ta bort</a></div>
		<div class="clear"></div>
	</div>
</div>
<?php
		}
	}
}

?>